AUTHOR ARCHIVES

Jessica Herrera-Flanigan

Jessica Herrera-Flanigan Jessica R. Herrera-Flanigan is a partner at the Monument Policy Group, where she focuses on the issues affecting our nation’s security, technology, commerce, and entertainment markets. Previously, she served as the Staff Director and General Counsel of the House Committee on Homeland Security. She also has served as Senior Counsel at the Computer Crime & Intellectual Property Section, Criminal Division, U.S. Department of Justice, where she led the Section’s cybercrime investigation team. She was a Member of the CSIS Commission on Cyber Security and is a Member of the ABA Standing Committee on Law & National Security. She currently serves as the Fellow for Cybersecurity at the Center for National Policy.
Results 71-80 of 90

Facebook's Token Leak

May 12, 2011 FROM NEXTGOV arrow Reps. Edward Markey and Joe Barton, co-chairs of the House privacy caucus, sent a letter to Facebook on Wednesday regarding a privacy/security vulnerability discovered by Symantec and reported by the Wall Street Journal. Facebook's hundreds of thousands of applications have apparently been leaking "access tokens" to third parties. Access tokens ...

Amazon Crash Lesson: Innovate but Verify

April 29, 2011 FROM NEXTGOV arrow While the federal government continues its efforts to expand into cloud and innovative technologies, the Amazon Elastic Compute Cloud (EC2) crash of last week reminds us of the need to "innovate but verify" as we move to the next realm of technologies. Today, Amazon issued a 5,700 word explanation of ...

Where is the Security in Today's Executive Order?

April 27, 2011 FROM NEXTGOV arrow President Obama signed an Executive Order today -- Streamlining Service Delivery and Improving Customer Service -- which aims to improve the quality and efficiency of IT-related services provided by the government to the public. The order requires each agency to develop within 180 a customer service plan to address how ...

Data Breach Reports Highlight Seriousness of Problem

April 19, 2011 FROM NEXTGOV arrow Today appears to be the day to release data breach reports. Major studies from three very different entities hit the presses today: Verizon's 2011 Data Breach Investigations, a study conducted by the Verizon RISK Team with cooperation from the U.S. Secret Service and the Dutch High Tech Crime Unit. Imperva ...

Geolocating You: Good Advertising or Too Invasive?

April 15, 2011 FROM NEXTGOV arrow Yong Wang of Northwestern University presented an interesting paper at the USENIX Symposium on Networked Systems Design and Implementation (NSDI) earlier this month. It explains how to geographically locate an IP address with a median error of about a half-mile square without any cooperation from the client on that IP ...

WordPress Hack Puts Government and Commercial Clients at Risk

April 13, 2011 FROM NEXTGOV arrow Continuing the trend in recent weeks of high-profile sites being attacked, the open source blog program WordPress announced that it was hacked on Wednesday and the hackers potentially made off with "anything." In a note posted on the WordPress webblog, founder Matt Mullenweg stated "Tough note to communicate today: Automattic ...

Symantec Threat Activity Report: U.S. Tops the List

April 6, 2011 FROM NEXTGOV arrow This week Symantec Corporation released its Internet Security Threat Report, Volume 16, which shows that cyberthreats are "skyrocket[ing] in volume and sophistication" and that the U.S. was tops in almost all that is cyberbad. Specifically, the report found that the U.S. was No. 1 in the following categories for 2010: ...

Epsilon: Exposing the Weakest Link

April 4, 2011 FROM NEXTGOV arrow For years, the buzz phrase in cybersecurity has been that a network is only as strong as its weakest link. In the last two days, I have received email alerts from six companies that I've shopped or otherwise done business with online telling me of a data breach and warning ...

When Do People Care Who You Are Online?

April 1, 2011 FROM NEXTGOV arrow Ross Anderson, a professor of Security Engineering at Cambridge University, presented his paper "Can We Fix the Security Economics of Federated Authentication?" this week at the Nineteenth International Workshop on Security Protocols. In Anderson's own words: Using one service to authenticate the users of another is an old dream but ...

BP Loses Laptop; Was Privacy Compromise Avoidable?

March 30, 2011 FROM NEXTGOV arrow BP is reporting that one of its employees lost a laptop containing the personal information of more than 13,000 people who filed compensation claims with the company in relation to the oil spill in the Gulf of Mexico. The laptop allegedly went missing on March 1, but the loss did ...